[Bug]: DXE core memory protection feature might cause inconsistency between GCD internal data structure with CPU page table #10771

Open
2 of 5 tasks
qhuang8 opened this issue Feb 19, 2025 · 1 comment
Labels
package:mdemodulepkg priority:high Significant impact. Should be fixed as soon as possible. state:needs-owner state:needs-triage type:bug Something isn't working

Comments

@qhuang8
Contributor

qhuang8 commented Feb 19, 2025

Is there an existing issue for this?

  • I have searched existing issues

Bug Type

  • Firmware
  • Tool
  • Unit Test

Code first?

  • Yes

What packages are impacted?

MdeModulePkg

Which targets are impacted by this bug?

DEBUG, RELEASE

Current Behavior

When we enable the DXE core memory protection feature, if we set some GCD-irrelevant attributes like EFI_MEMORY_SP or EFI_MEMORY_CPU_CRYPTO via GCD SetMemorySpaceAttributes (), it will cause a page fault exception.

Expected Behavior

We can still invoke SetMemorySpaceAttributes () successfully to append EFI_MEMORY_SP or EFI_MEMORY_CPU_CRYPTO

Steps To Reproduce

  1. Set the following two platform PCDs to enable memory protection.
    PcdSetNxForStack| TRUE
    PcdDxeNxMemoryProtectionPolicy| 0x7FD5

  2. Invoke GCD SetMemorySpaceAttributes () API in later DXE phase to append EFI_MEMORY_SP or EFI_MEMORY_CPU_CRYPTO (keep the original attributes)

  3. System will have page fault exception

Build Environment

- OS(s): Windows 11
- Tool Chain(s): VS2019

Version Information

Commit: f979f51157c5560c658537ea2a488b7a8439e463

Urgency

High

Are you going to fix this?

Someone else needs to fix it

Do you need maintainer feedback?

No maintainer feedback needed

Anything else?

The root cause of this issue is that Edk2\MdeModulePkg\Core\Dxe\Misc\MemoryProtection.c (line 1294) directly uses the CPU arch protocol to clear XP in the page table when loading a DXE driver for execution, but it fails to update the GCD internal data structure accordingly (the memory range is still marked with the XP attribute):
gCpu->SetMemoryAttributes (gCpu, Memory, Length, NewAttributes);

A later invocation of GCD SetMemorySpaceAttributes () will incorrectly re-apply the incorrect XP attribute and make it take effect in the final page table. When the CPU executes the memory, it triggers the page fault exception.

@qhuang8 qhuang8 added state:needs-triage type:bug Something isn't working labels Feb 19, 2025
@github-actions github-actions bot added priority:high Significant impact. Should be fixed as soon as possible. package:mdemodulepkg state:needs-owner labels Feb 19, 2025
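
The sequence described in the root-cause analysis above, replayed in a simplified C model that is added here (it is not EDK II code and not part of the original issue). The function names, the 8-page address space and the two arrays are hypothetical; only the attribute bit values come from the UEFI specification. It also shows a consistency check that flags pages where the GCD record and the page table disagree on XP.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Attribute bits as defined by the UEFI specification. */
#define EFI_MEMORY_XP 0x0000000000004000ULL
#define EFI_MEMORY_SP 0x0000000000040000ULL

#define NPAGES 8                     /* constructed toy address space */
static uint64_t gcd_map[NPAGES];     /* model: attributes the GCD has recorded */
static uint64_t page_table[NPAGES];  /* model: XP bit the CPU enforces */

/* Model of gCpu->SetMemoryAttributes(): touches the page table only. */
void cpu_set_attributes(size_t first, size_t count, uint64_t attrs) {
    for (size_t i = first; i < first + count; i++)
        page_table[i] = attrs & EFI_MEMORY_XP;  /* SP is not a paging bit */
}

/* Model of GCD SetMemorySpaceAttributes(): records, then programs the CPU. */
void gcd_set_attributes(size_t first, size_t count, uint64_t attrs) {
    for (size_t i = first; i < first + count; i++)
        gcd_map[i] = attrs;
    cpu_set_attributes(first, count, attrs);
}

/* Consistency check: number of pages where the two views disagree on XP. */
size_t count_xp_mismatch(void) {
    size_t n = 0;
    for (size_t i = 0; i < NPAGES; i++)
        n += ((gcd_map[i] ^ page_table[i]) & EFI_MEMORY_XP) != 0;
    return n;
}

/* Replays the issue's steps; sync_gcd selects how image load clears XP.
 * Returns 1 if the image pages end up non-executable (the page fault). */
int image_faults_after_append(int sync_gcd) {
    gcd_set_attributes(0, NPAGES, EFI_MEMORY_XP);  /* NX policy applied */
    if (sync_gcd)
        gcd_set_attributes(2, 2, 0);               /* XP cleared in both views */
    else
        cpu_set_attributes(2, 2, 0);               /* behaviour reported above */
    /* Caller keeps the recorded attributes and appends EFI_MEMORY_SP. */
    gcd_set_attributes(2, 2, gcd_map[2] | EFI_MEMORY_SP);
    return (page_table[2] & EFI_MEMORY_XP) != 0;
}

int main(void) {
    printf("page-table-only clear: fault=%d\n", image_faults_after_append(0));
    printf("GCD kept in sync:      fault=%d\n", image_faults_after_append(1));
    return 0;
}
```
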
@makubacki
Member

@os-d, you've looked at this recently. Would you like to follow up?
